Threatexpress¶
Welcome to the Threat Express information security blog created by red teamers, penetration testers and security professionals. This blog contains security research, tools, and other red teaming related information.
Joe Vest and James Tubberville released a book !
Red Team Development and Operations, zero-day edition¶
Find it on Amazon
Paperback - "Red Team Development and Operations", Zero-Day Edition
eBook - "Red Team Development and Operations", Zero-Day Edition
Audio - "Red Team Development and Operations", Zero-Day Edition
B&N Paperback - "Red Team Development and Operations", Zero-Day Edition
or visit the book's companion website here http://redteam.guide
The blog contributors are:¶
- Andrew Chiles @andrewchiles
- James Tubberville @minis_io
- Joe Vest @joevest
All Posts¶
2025¶
- April 2025 - Blog updates
- April 2025 - Install Bloodhound
2020¶
- January 2020 - Red Team Development and Operations
2019¶
- November 2019 - Event Data Collector
- August 2019 - C2 Agent Comparison
- March 2019 - Git clone all organizational repos
- January 2019 - Penetration Testing Pasties
2018¶
- November 2018 - A Deep Dive into Cobalt Strike Malleable C2
- June 2018 - Threat Get's a Vote: Applying a Threat-Based Approach to Security Testing
- May 2018 Threat Mitigation Strategies and Technical Recommendations Part 2
- February 2018 - Automating Apache mod_rewrite and Cobalt Strike Malleable C2 Profiles
- January 2018 - Threat Mitigation Strategies Part 1
- January 2018 - HostEnum - Updates and Usage
- January 2018 - Threat Mitigation Strategies Part 1
2017¶
- October 2017 - Borrowing Microsoft MetaData and Signatures to Hide Binary Payloads
- September 2017 - Install BloodHound on Ubuntu
- May 2017 - [Empire - Modifying Server C2 Indicators(threatexpress/2017/empire-modifying-server-c2-indicators/)
- May 2017 - invoke-hostenum - A PowerShell Host Situational Awareness Tool
- March 2017 - Leveraging Expired Domains for Red Team Engagements
2016¶
- December 2016 - Slack Notifications for Cobalt Strike
- October 2016 - SubShell and TinyShell - Custom Covert Webshells
- September 2016 - New Information Security and Red Teaming Blog Threat Express by MINIS